<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
<meta http-equiv="X-UA-Compatible" content="IE=9"/>
<link rel="shortcut icon" type="image/x-icon" href="favicon.ico"/>
<title>DynamoRIO API: DynamoRIO System Details</title>
<link href="tabs.css" rel="stylesheet" type="text/css"/>
<script type="text/javascript" src="jquery.js"></script>
<script type="text/javascript" src="dynsections.js"></script>
<link href="navtree.css" rel="stylesheet" type="text/css"/>
<script type="text/javascript" src="resize.js"></script>
<script type="text/javascript" src="navtree.js"></script>
<script type="text/javascript">
  $(document).ready(initResizable);
</script>
<link href="search/search.css" rel="stylesheet" type="text/css"/>
<script type="text/javascript" src="search/search.js"></script>
<script type="text/javascript">
  $(document).ready(function() { searchBox.OnSelectItem(0); });
</script>
<link href="doxygen.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="top"><!-- do not remove this div, it is closed by doxygen! -->
<div id="titlearea">
<table cellspacing="0" cellpadding="0">
 <tbody>
 <tr style="height: 56px;">
  <td style="padding-left: 0.5em;">
   <div id="projectname">DynamoRIO API
   </div>
  </td>
   <td>        <div id="MSearchBox" class="MSearchBoxInactive">
        <span class="left">
          <img id="MSearchSelect" src="search/mag_sel.png"
               onmouseover="return searchBox.OnSearchSelectShow()"
               onmouseout="return searchBox.OnSearchSelectHide()"
               alt=""/>
          <input type="text" id="MSearchField" value="Search" accesskey="S"
               onfocus="searchBox.OnSearchFieldFocus(true)" 
               onblur="searchBox.OnSearchFieldFocus(false)" 
               onkeyup="searchBox.OnSearchFieldChange(event)"/>
          </span><span class="right">
            <a id="MSearchClose" href="javascript:searchBox.CloseResultsWindow()"><img id="MSearchCloseImg" border="0" src="search/close.png" alt=""/></a>
          </span>
        </div>
</td>
 </tr>
 </tbody>
</table>
</div>
<!-- end header part -->
<!-- Generated by Doxygen 1.8.1.1 -->
<script type="text/javascript">
var searchBox = new SearchBox("searchBox", "search",false,'Search');
</script>
</div><!-- top -->
<div id="side-nav" class="ui-resizable side-nav-resizable">
  <div id="nav-tree">
    <div id="nav-tree-contents">
    </div>
  </div>
  <div id="splitbar" style="-moz-user-select:none;" 
       class="ui-resizable-handle">
  </div>
</div>
<script type="text/javascript">
$(document).ready(function(){initNavTree('overview.html','');});
</script>
<div id="doc-content">
<!-- window showing the filter options -->
<div id="MSearchSelectWindow"
     onmouseover="return searchBox.OnSearchSelectShow()"
     onmouseout="return searchBox.OnSearchSelectHide()"
     onkeydown="return searchBox.OnSearchSelectKey(event)">
<a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(0)"><span class="SelectionMark">&#160;</span>All</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(1)"><span class="SelectionMark">&#160;</span>Data Structures</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(2)"><span class="SelectionMark">&#160;</span>Files</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(3)"><span class="SelectionMark">&#160;</span>Functions</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(4)"><span class="SelectionMark">&#160;</span>Variables</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(5)"><span class="SelectionMark">&#160;</span>Typedefs</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(6)"><span class="SelectionMark">&#160;</span>Enumerations</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(7)"><span class="SelectionMark">&#160;</span>Enumerator</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(8)"><span class="SelectionMark">&#160;</span>Macros</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(9)"><span class="SelectionMark">&#160;</span>Groups</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(10)"><span class="SelectionMark">&#160;</span>Pages</a></div>

<!-- iframe showing the search results (closed by default) -->
<div id="MSearchResultsWindow">
<iframe src="javascript:void(0)" frameborder="0" 
        name="MSearchResults" id="MSearchResults">
</iframe>
</div>

<div class="header">
  <div class="headertitle">
<div class="title">DynamoRIO System Details </div>  </div>
</div><!--header-->
<div class="contents">
<div class="textblock"><p>DynamoRIO is a system for runtime code manipulation that is efficient, transparent, and comprehensive, able to observe and manipulate every executed instruction in an unmodified application running on a stock operating system and commodity hardware.</p>
<h1><a class="anchor" id="sec_intro"></a>
Introduction</h1>
<p>DynamoRIO operates in user mode on a target process. It acts as a <em>process virtual machine</em>, interposing between the application and the operating system. It has a complete view of the application code stream and acts as a runtime control point, allowing custom tools to be embedded inside it:</p>
<div class="image">
<img src="interpose.png" alt="interpose.png"/>
</div>
  <p>The application itself, along with the underlying operating system and hardware, remain unchanged. DynamoRIO operates in native (non-virtual) environments as well as inside guest operating systems running on virtual machines. Tools created on top of DynamoRIO will operate without change whether the underlying operating system is native or a virtual machine guest.</p>
<h1><a class="anchor" id="sec_system"></a>
System Operation</h1>
<p>DynamoRIO operates by shifting an application's execution from its original instructions to a <em>code cache</em>, where the instructions can be freely modified. DynamoRIO occupies the address space with the application and has full control over execution, taking over whenever control leaves the code cache or when the operating system directly transfers control to the application (<em>kernel-mediated control transfers</em>):</p>
<div class="image">
<img src="flow-highlevel.png" alt="flow-highlevel.png"/>
</div>
  <p>DynamoRIO copies the application code one <em>dynamic basic block</em> at a time into its basic block code cache. A block that directly targets another block already resident in the cache is linked to that block to avoid the cost of returning to the DynamoRIO dispatcher.</p>
<p>Frequently executed sequences of basic blocks are combined into <em>traces</em>, which are placed in a separate code cache. DynamoRIO makes these traces available via its interface for convenient access to hot application code streams.</p>
<p>The following figure shows the flow of control between the components of DynamoRIO and its code caches:</p>
<div class="image">
<img src="flow.png" alt="flow.png"/>
</div>
  <p>The context switch is between DynamoRIO's operational state and the machine state of the application: both are still within the same process.</p>
<p>Indirect branches require dynamic resolution of their targets, which is performed via an inlined table lookup or a compare to a known target inlined into a trace.</p>
<h1><a class="anchor" id="sec_sys_transp"></a>
Transparency</h1>
<p>Transparency is an important requirement for DynamoRIO and its clients. The subject is fully covered in <a class="el" href="transparency.html">Client Transparency</a>.</p>
<h1><a class="anchor" id="sec_refs"></a>
References</h1>
<p>The canonical reference for DynamoRIO is:</p>
<ul>
<li>Derek Bruening.<br/>
 <a href="http://www.burningcutlery.com/derek/phd.html">Efficient, Transparent, and Comprehensive Runtime Code Manipulation</a>.<br/>
 Ph.D. Thesis, MIT, September 2004.</li>
</ul>
<p>Other publications describing DynamoRIO include:</p>
<ul>
<li>Derek Bruening and Vladimir Kiriansky.<br/>
 <a href="http://www.burningcutlery.com/derek/docs/procshared-VEE08.pdf">Process-Shared and Persistent Code Caches</a>.<br/>
 International Conference on Virtual Execution Environments (VEE-08), March 2008.<br/>
</li>
</ul>
<ul>
<li>Derek Bruening, Vladimir Kiriansky, Timothy Garnett, and Sanjeev Banerji.<br/>
 <a href="http://www.burningcutlery.com/derek/docs/threadshared-CGO06.pdf">Thread-Shared Software Code Caches</a>.<br/>
 International Symposium on Code Generation and Optimization (CGO-06), March 2006.<br/>
</li>
</ul>
<ul>
<li>Derek Bruening and Saman Amarasinghe. <br/>
 <a href="http://www.burningcutlery.com/derek/docs/cacheconscap-CGO05.pdf">Maintaining Consistency and Bounding Capacity of Software Code Caches</a>.<br/>
 International Symposium on Code Generation and Optimization (CGO-05), March 2005. <br/>
</li>
</ul>
<ul>
<li>Gregory Sullivan, Derek Bruening, Iris Baron, Timothy Garnett, and Saman Amarasinghe. <br/>
 <a href="http://www.burningcutlery.com/derek/docs/IVME03.pdf">Dynamic Native Optimization of Interpreters</a>. <br/>
 ACM Workshop on Interpreters, Virtual Machines and Emulators (IVME-03), June 2003.<br/>
</li>
</ul>
<ul>
<li>Derek Bruening, Timothy Garnett, and Saman Amarasinghe. <br/>
 <a href="http://www.burningcutlery.com/derek/docs/adaptive-CGO03.pdf">An Infrastructure for Adaptive Dynamic Optimization</a>. <br/>
 International Symposium on Code Generation and Optimization (CGO-03), March 2003. <br/>
</li>
</ul>
<ul>
<li>Derek Bruening, Evelyn Duesterwald, and Saman Amarasinghe.<br/>
 <a href="http://www.burningcutlery.com/derek/docs/win32-FDDO.pdf">Design and Implementation of a Dynamic Optimization Framework for Windows</a>.<br/>
 4th ACM Workshop on Feedback-Directed and Dynamic Optimization (FDDO-4), December 2001.<br/>
</li>
</ul>
<div class="image">
<img src="favicon.ico" alt="favicon.ico"/>
</div>
 </div></div><!-- contents -->
</div><!-- doc-content -->
<!-- start footer part -->
<div id="nav-path" class="navpath"><!-- id is needed for treeview function! -->
  <ul>
    <li class="footer" style="float:none;text-align:center"><img border=0 src="favicon.png"> &nbsp;  DynamoRIO API version 5.0.0 --- Wed Sep 10 2014 21:36:44 &nbsp; <img border=0 src="favicon.png">
</small></address>
<!--END !GENERATE_TREEVIEW-->
</body>
</html>
